lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 15 Jan 2019 13:58:25 +0000
From:   Julien Thierry <julien.thierry@....com>
To:     linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org
Cc:     mingo@...hat.com, peterz@...radead.org, catalin.marinas@....com,
        will.deacon@....com, james.morse@....com, hpa@...or.com,
        valentin.schneider@....com, Julien Thierry <julien.thierry@....com>
Subject: [PATCH v3 0/4] uaccess: Add unsafe accessors for arm64

Hi,

First version of this series[1] was briefly in linux-next but had to be
reverted due to a bug where schedule would end up being called while
user_access was active[2].

After clarifications[3], rescheduling while in a user_access region is not
allowed.

* Patches 1 and 2 implement the unsafe accessors for arm64
* Patches 3 and 4 clarify this restriction in the API and attempts to
  check against violations of the restriction.

Changes since v2[4]:
- Rebase on v5.0-rc2
- access_ok() is now done in user_access_begin(), so rework accessors
  so access_ok() is not called in unsafe_get/put_user()
- Split addition of unsafe accessors and the user_access_region check
  into separate patches
- Avoid reading SCTLR_EL1 in user_access_region check
- Add build option for user_access_region checking
- Reword clarifications on unsafe accessors API

Changes since v1[1]:
- Add a way to detect code calling schedule within a user_access region
- Make sure put_user/get_user arguments are evaluated before disabling PAN

[1] https://www.spinics.net/lists/arm-kernel/msg674925.html
[2] https://patchwork.kernel.org/patch/10634783/
[3] https://lkml.org/lkml/2018/11/28/50
[4] http://lists.infradead.org/pipermail/linux-arm-kernel/2018-December/617080.html

Cheers,

Julien

-->

Julien Thierry (4):
  arm64: uaccess: Cleanup get/put_user()
  arm64: uaccess: Implement unsafe accessors
  uaccess: Check no rescheduling function is called in unsafe region
  arm64: uaccess: Implement user_access_region_active

 arch/arm64/include/asm/sysreg.h  |   2 +
 arch/arm64/include/asm/uaccess.h | 123 ++++++++++++++++++++++++++-------------
 include/linux/kernel.h           |  11 +++-
 include/linux/uaccess.h          |  13 +++++
 kernel/sched/core.c              |  22 +++++++
 lib/Kconfig.debug                |   8 +++
 6 files changed, 135 insertions(+), 44 deletions(-)

--
1.9.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ